package com.yituo.mjworld.mvc.action.user;

import com.yituo.mjworld.core.annotation.Rule;
import com.yituo.mjworld.core.web.core.MyHttpRequest;
import com.yituo.mjworld.core.web.core.MyHttpResponse;
import com.yituo.mjworld.mvc.entity.web.UserRole;
import com.yituo.mjworld.mvc.service.impl.AliyunServiceImpl;
import com.yituo.mjworld.mvc.service.impl.OrderServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.io.IOException;

/**
 * 阿里云提供的第三方服务接口
 */
@Component
public class AliyunAction {

  @Autowired
  AliyunServiceImpl aliyunService;
  @Autowired
  OrderServiceImpl orderService;

  /**
   * 获取物流信息
   *
   * @param req
   * @param res
   * @throws IOException
   */
  @Rule(name = "transportId", name_zn = "物流ID")
  public void getLogisticsInfo(MyHttpRequest req, MyHttpResponse res) throws IOException {
    String transportId = req.getParameter("transportId");
    if (UserRole.isWebUser(req.getCurrentUser())) {
      // 普通用户的权限只能查询自己的商品
      if (this.orderService.isOwnerWebUser(req.getCurrentUser().getId(), transportId)) {
        res.success(aliyunService.getLogisticsInfo(transportId));
        return;
      }
      res.failed("无权限查询!");
      return;
    }
    // 其他角色职责不明,暂时定为可全部查看
    res.success(aliyunService.getLogisticsInfo(transportId));
    return;
  }
}
